Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Keeping include files outside of the we tree


Grakkam

Recommended Posts

(EDIT: DOH! The title should say "web tree", not "we tree". Stupid keyboard... :) )

 

Let's say my osC installation resides in

/username/public_html/onlinestore/

 

what if all include files were stored in something like

/username/osc_include/

I imagine this would add another layer of security by having fewer directories and files publicly available in the web tree.

 

Am I right in this? Or would it not make a difference?

Link to comment
Share on other sites

Stig,

 

Generally, directories outside of the /public_html directory are not accessible to website applications. Further, if your store is set up properly and secured properly, you don't need to change the directory structure at all.

 

 

 

 

Chris

Link to comment
Share on other sites

Generally, directories outside of the /public_html directory are not accessible to website applications.

I'm working on another application where I keep all the include files above /public_html/ and I have no problems reading the files from the application at all. May be different on different servers, I guess.

Link to comment
Share on other sites

  • 1 month later...

Generally, directories outside of the /public_html directory are not accessible to website applications.

Only partially true. HTML cannot access anything above the site root (what HTML calls "/"), but PHP can go anywhere, even other people's sites on the same server (unless blocked by adequate permissions).

 

As for the original question, I can't see that it would be any practical improvement to move PHP include files outside of the HTML tree. Keep in mind that such files cannot be directly read from a browser in any case (they are interpreted when invoked), so it would require planting another piece of code to include the file in question and display the variables it set.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...